63 static void audit_free_lsm_field(struct audit_field *f)  in audit_free_lsm_field()  argument
65 	switch (f->type) {  in audit_free_lsm_field()
76 		kfree(f->lsm_str);  in audit_free_lsm_field()
77 		security_audit_rule_free(f->lsm_rule);  in audit_free_lsm_field()
152 				 struct audit_field *f)  in audit_to_inode()  argument
156 	    (f->op != Audit_equal && f->op != Audit_not_equal))  in audit_to_inode()
159 	krule->inode_f = f;  in audit_to_inode()
323 static int audit_field_valid(struct audit_entry *entry, struct audit_field *f)  in audit_field_valid()  argument
325 	switch (f->type) {  in audit_field_valid()
339 		switch(f->type) {  in audit_field_valid()
349 	switch (f->type) {  in audit_field_valid()
383 		if (f->op == Audit_bitmask || f->op == Audit_bittest)  in audit_field_valid()
403 		if (f->op != Audit_not_equal && f->op != Audit_equal)  in audit_field_valid()
412 	switch (f->type) {  in audit_field_valid()
414 		if ((f->val != 0) && (f->val != 1))  in audit_field_valid()
418 		if (f->val & ~15)  in audit_field_valid()
422 		if (f->val & ~S_IFMT)  in audit_field_valid()
426 		if (f->val > AUDIT_MAX_FIELD_COMPARE)  in audit_field_valid()
430 		if (f->val >= AF_MAX)  in audit_field_valid()
458 		struct audit_field *f = &entry->rule.fields[i];  in audit_data_to_entry()  local
463 		f->op = audit_to_op(data->fieldflags[i]);  in audit_data_to_entry()
464 		if (f->op == Audit_bad)  in audit_data_to_entry()
467 		f->type = data->fields[i];  in audit_data_to_entry()
471 		if ((f->type == AUDIT_LOGINUID) && (f_val == AUDIT_UID_UNSET)) {  in audit_data_to_entry()
472 			f->type = AUDIT_LOGINUID_SET;  in audit_data_to_entry()
477 		err = audit_field_valid(entry, f);  in audit_data_to_entry()
482 		switch (f->type) {  in audit_data_to_entry()
489 			f->uid = make_kuid(current_user_ns(), f_val);  in audit_data_to_entry()
490 			if (!uid_valid(f->uid))  in audit_data_to_entry()
498 			f->gid = make_kgid(current_user_ns(), f_val);  in audit_data_to_entry()
499 			if (!gid_valid(f->gid))  in audit_data_to_entry()
503 			f->val = f_val;  in audit_data_to_entry()
504 			entry->rule.arch_f = f;  in audit_data_to_entry()
522 			f->lsm_str = str;  in audit_data_to_entry()
523 			err = security_audit_rule_init(f->type, f->op, str,  in audit_data_to_entry()
524 						       (void **)&f->lsm_rule);  in audit_data_to_entry()
540 			err = audit_to_watch(&entry->rule, str, f_val, f->op);  in audit_data_to_entry()
553 			err = audit_make_tree(&entry->rule, str, f->op);  in audit_data_to_entry()
560 			f->val = f_val;  in audit_data_to_entry()
561 			err = audit_to_inode(&entry->rule, f);  in audit_data_to_entry()
594 			f->val = f_val;  in audit_data_to_entry()
642 		struct audit_field *f = &krule->fields[i];  in audit_krule_to_data()  local
644 		data->fields[i] = f->type;  in audit_krule_to_data()
645 		data->fieldflags[i] = audit_ops[f->op];  in audit_krule_to_data()
646 		switch(f->type) {  in audit_krule_to_data()
658 				audit_pack_string(&bufp, f->lsm_str);  in audit_krule_to_data()
679 			if (krule->pflags & AUDIT_LOGINUID_LEGACY && !f->val) {  in audit_krule_to_data()
686 			data->values[i] = f->val;  in audit_krule_to_data()
1330 			struct audit_field *f = &e->rule.fields[i];  in audit_filter()  local
1334 			switch (f->type) {  in audit_filter()
1337 				result = audit_comparator(pid, f->op, f->val);  in audit_filter()
1340 				result = audit_uid_comparator(current_uid(), f->op, f->uid);  in audit_filter()
1343 				result = audit_gid_comparator(current_gid(), f->op, f->gid);  in audit_filter()
1347 							      f->op, f->uid);  in audit_filter()
1351 							  f->op, f->val);  in audit_filter()
1354 				result = audit_comparator(msgtype, f->op, f->val);  in audit_filter()
1361 				if (f->lsm_rule) {  in audit_filter()
1365 						   f->type, f->op, f->lsm_rule);  in audit_filter()
1370 				if (f->op == Audit_not_equal)  in audit_filter()